Updated August 8, 2024
Please read this Product Privacy Policy carefully. We reserve the right to change or modify any of the terms and conditions contained herein at any time and in our sole discretion. Any changes or modification will be effective immediately upon posting of the revisions on this website, and you waive any right to receive specific notice of such changes or modifications. Your continued use of this website and the PlexTrac Services following the posting of changes or modifications will confirm your acceptance of such changes or modifications.
As a PlexTrac user, you have the right to be informed how your personal information is collected, used, and shared throughout your use of the PlexTrac platform. This policy is intended to provide transparency on our processes concerning the use, storage, and sharing of your personal data.
PlexTrac (816 W Bannock St, Unit 400, Boise, ID 83702, USA) is the data controller for all data collected in connection with the use of PlexTrac’s services worldwide.
No personal information is collected or transferred outside of Customer instances. For users outside of the United States of America, instances are provisioned within your geographic locale to ensure data residency is always maintained. Occasionally data center or server migrations do occur, however, destination data centers/systems are required to be within the customer’s locale.
PlexTrac does not transfer or share your personally identifiable information with third parties for any reason. All User data resides in data centers secured with industry best practices within your country of origin.
During PlexTrac’s onboarding, workflow Users are provided with both our “Terms of Service” and this Policy for review. Prior to completing registration all users must accept both policies and their underlying conditions. When Users need to modify their personal information within the platform self-service functionality is available.
While PlexTrac and its Customer Support Portal require the least amount of information possible about users and systems – there are specific data points collected, stored, and retrieved during normal Platform use and during administration of Customer support requests. Data collected via Customer support requests is used solely to facilitate expedited customer support and formal communications regarding system issues and bug reports.
All information collection can be categorized as follows:
During the account setup process the following personal information of Users is input into PlexTrac’s systems:
These pieces of personal information are used to refer to the user within the platform and require proper authorization/authentication prior to access.
Actions performed within the platform are anonymized and aggregated for internal analysis by PlexTrac’s team (e.g., understanding how users interact with our systems). This data is collected to support continued platform enhancements and understanding user experience/behaviors. No Personal Information is required or transmitted as a means of supporting this internal analysis.
Private hosted instances of PlexTrac (managed services) provide uptime, error rates, memory use, disk capacity, anomalies, and general instance health information to PlexTrac’s monitoring systems. This data is collected to ensure continued system operations and Customer use of the platform. No personal information is required or transmitted to support collection of system metrics.
Access to personally identifiable information within a Customer instance is restricted to the Customer and its authorized Users. PlexTrac does not maintain any persistent access to customer instances or the underlying platform data. Customers may authorize temporary system access to PlexTrac’s staff for troubleshooting purposes as required. Upon completion of troubleshooting temporary access is revoked.
PlexTrac provides all clients the option to utilize the Customer Support Portal for streamlined support, including error remediation. By utilizing the Customer Support Portal, users are advised to review SalesForce’s privacy policies, procedures, and documentation (which govern a customer’s use of the Customer Support Portal), prior to initiating a Customer Support Portal request.
SalesForce’s Privacy Policy, Compliance and Security documentation can be found at:
https://www.salesforce.com/company/legal/privacy/
1. Information stored or sent to third party services under your control (i.e. Jira, Service Now, HackerOne, and Cobalt) are not governed under this policy. All external connections will rely upon your agreements with third parties and their privacy/data transfer policies.
2. Customer relationship information (e.g. Customer agreements) is stored outside of the PlexTrac platform.
All services utilized by PlexTrac do not require storage of cookies on end-user devices.
1. Personal Information stored within your instance of PlexTrac is collected during the registration/onboarding process.
2. Personal Information stored within PlexTrac’s Customer Support Portal is collected during the Platform’s registration process.
3. System performance metrics and application usage information are anonymized and collected during use of the PlexTrac Platform.
All personal information stored within PlexTrac’s Platform is used during the report creation and engagement management workflows. PlexTrac the organization does not use or collect this information for any purpose.
System performance metrics are used internally to assess if the services offered by PlexTrac are functioning normally and to instance health alerts in order to provide the best user experience for our client base.
Application/feature use metrics are anonymized and analyzed internally for product/feature validation and adoption rates to drive product development and Platform enhancements.
Personal information stored within our Platform is owned by customers and their users. We do not access or share this information for any purpose as a part of supporting the Platform.
We take the protection of your data extremely seriously. As such the following best practices and processes are implemented to ensure data and systems are safe:
Due to data stored within the platform being owned and controlled by you and your organization, data retention relies completely upon your internal policies/procedures.
Upon removal of a Customer or User instance, individual Users are deactivated and their Personal Information is updated to values resembling the following:
This is to prevent destructive actions or integrity issues in system data while still ensuring all users are granted their right to be forgotten within the Platform.
For business continuity purposes backups of customer systems are encrypted and retained by PlexTrac for up to 90 days. All backups are stored offsite within your country of origin for redundancy. Backups are securely deleted upon customer request or contract termination. All data deletion requests are processed within 10 business days of written receipt. Customer data deletion is performed securely using industry best practices to prevent data leakage.
Requests for backup deletion can be submitted to our privacy team at privacy@plextrac.com upon contract termination for expedited cleanup.
Through PlexTrac’s services you always have control over your data. Access, updates, and removal are left at your discretion. We do not assume control of any of this information on the behalf of customers or their users.
To be as transparent as possible regarding modifications to this policy all updates to the policy are tracked at the end of this document for historical context.
This policy and its terms must be reviewed annually, and all material changes are to be reviewed by PlexTrac’s leadership team. All employees are required to review this policy during onboarding and annually thereafter.
Inquiries, complaints, and disputes related to privacy and personal information can be submitted for review by PlexTrac’s privacy team at: privacy@plextrac.com.
All requests are registered and tracked using an internal ticketing system.